Impact
The flaw lies in the Socket module’s pack_ip_mreq_source function, which performs a length check based on the previous address parameter rather than the actual source argument. As a result, a source address shorter than four bytes passes validation, and the function copies up to three bytes beyond the end of its buffer into the fixed 4‑byte field, exposing adjacent heap memory.
Affected Systems
The vulnerability affects the Perl Socket module provided by PEVANS. Any installation of Socket versions earlier than 2.041 is susceptible, regardless of the Perl runtime version.
Risk and Exploitability
With a CVSS score of 9.1, this issue is considered high severity, yet the EPSS score of less than 1% indicates a very low likelihood of exploitation. The vulnerability is not listed in the CISA KEV catalog, suggesting no known active exploitation campaigns. Attackers would need to invoke pack_ip_mreq_source with a source argument shorter than four bytes within a Perl application that imports the Socket module, potentially leaking arbitrary heap memory into the generated structure.
OpenCVE Enrichment